
Security Operations Center (SOC) Analyst

Experience: 5-7
Posted: 19 Apr 2022
Location: India


Role Purpose:
  • The SOC Analyst is responsible for performing a variety of real-time threat monitoring and analysis activities to enable delivery of complete Security Incident and Event Management services across a wide range of security services. This includes applying analytical, reasoning and specialized technical expertise to investigate, identify, correlate and escalate security incidents and network anomalies, and to carry out proactive/reactive reporting activities.
  • The analyst will work closely with the Enterprise Log Management team to support the development and operation of the ELK platform.
  • Reporting to the Security Operations Center (SOC) Manager, the analyst is expected to be an experienced information security professional with a high level of commitment and initiative, and a motivated self-starter with proven ability to get the job done. You should possess excellent communication skills and a strong IT network security background, and be able to use these skills to deliver services within the ITIL-driven Integrated Incident Management environment.


Technical Skills Required:

  • Minimum of 5 years of experience in a SOC environment with a focus on security incident analysis and response activities.
  • Demonstrated experience with a SIEM product, preferably the ELK (Elasticsearch, Logstash and Kibana) stack.
  • Experience with scripting (Python, PowerShell or bash).
  • Significant experience performing analysis of logs from a variety of sources (OS, endpoint solutions, databases, email security gateways, firewalls, WAFs, IPS, DAM, DLP, web servers, etc.).
  • An IT security certification such as GCIH, GCIA, GMON, CISSP, GCFA, GREM or OSCP will be considered an advantage.
  • Good knowledge of DevOps concepts and of AWS and Azure fundamentals is a plus.



Qualifications/Education:
  • A bachelor’s degree in computer science, engineering or a technology-related field, or equivalent



Key Responsibilities:
  • The SOC Analyst’s main responsibilities are to deal with the security incidents detected by the security monitoring team and to lead in-depth analysis of these incidents in support of the Information Security & Compliance Strategy, Programs and Operations, such as:
  • Conduct information security investigations arising from security incidents identified by the tier 1 security analysts who monitor the security consoles for the various SOC entry channels (SIEM, tickets, email and phone).
  • Act as a point of escalation for tier 1 SOC security analysts in support of information security investigations, providing guidance, actions and oversight on incident resolution and containment techniques.
  • Act as the lead coordinator for Majid Al Futtaim’s response to individual information security incidents.
  • Design, create and maintain custom SIEM content (creation, evaluation and tuning of rules, reports, dashboards, etc.).
  • Design, create and maintain custom tools that support incident handling and response activities.
  • Stay up to date with emerging security threats, including applicable regulatory security requirements, to enhance the threat and technical intelligence of the company’s Cyber Defense services.
  • Develop and improve the company’s knowledge base and incident handling procedures and playbooks, and work on reducing false positives.
  • Apply ELK knowledge to implement and operate ELK (Elasticsearch, Logstash and Kibana) stack solutions.
  • Support ELK integration with other enterprise IT systems such as SIEM, Active Directory, vulnerability management tools, Office 365, ERP systems, the AWS platform, the Azure platform, Windows, Linux, Solaris, Oracle DB, SQL DB, big data platforms and business applications.



Required Skills

Skill                              Years  Months
Security Operation Center (SOC)    5      0
SIEM product                       5      0
Elasticsearch                      5      0
LogStash                           5      0
Kibana                             5      0
Python Scripting                   5      0
PowerShell                         5      0
bash scripting                     5      0
DevOps                             5      0
AWS                                5      0